package com.sudo.interceptor;

import com.sudo.common.enums.UserParams;
import com.sudo.common.utils.JsonRes;
import com.sudo.common.utils.RedisOperator;
import com.sudo.common.utils.RetResponse;
import com.sudo.service.BaseService;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Set;

/**
 * @author：为道日损 2020-04-24 17:35
 */
public class UserTokenInterceptor extends BaseService implements HandlerInterceptor {

    @Autowired
    private RedisOperator redisOperator;
    /**
     * 请求controller之前
     * @param request
     * @param response
     * @param handler
     * @return
     * @throws Exception
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {

        String userId = request.getHeader(UserParams.HEADER_USER_ID.value);
        String userToken = request.getHeader(UserParams.HEADER_USER_TOKEN.value);

        String roleCode = getRoleCodeFromRedisByUsername(userId);
        if (null == roleCode) {
            RetResponse.res(response, JsonRes.errorMsg("该用户没有权限"));
            return false;
        }

        if (StringUtils.isNotBlank(userId) && StringUtils.isNotBlank(userToken)) {
            String uniqueToken = redisOperator.get(UserParams.REDIS_USER_TOKEN.value + ":" + userId);
            if (StringUtils.isBlank(uniqueToken)) {
                RetResponse.res(response, JsonRes.errorMsg("Token失效，请重新登录"));
                return false;
            } else {
                /*if (!uniqueToken.equals(userToken)) {
                    RetResponse.res(response, JsonRes.errorMsg("账号可能在异地登录"));
                    return false;
                }*/
            }
        } else {
            RetResponse.res(response, JsonRes.errorMsg("Token失效，请重新登录"));
            return false;
        }
        /**
         * false：请求被拦截，被驳回，验证出现问题
         * true：请求验证校验ok，可以放行
         */
        redisOperator.expire(UserParams.REDIS_USER_TOKEN.value +":"+userId,7200);
        return true;
    }

    /**
     * 请求controller之后，渲染视图之前
     * @param request
     * @param response
     * @param handler
     * @param modelAndView
     * @throws Exception
     */
    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {

    }

    /**
     * 请求controller之后，渲染视图之后
     * @param request
     * @param response
     * @param handler
     * @param ex
     * @throws Exception
     */
    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {

    }

}
